HTS Basic Mission 4

What is HTS? Link to Basic Mission 4.

FORGETFUL SAM

This time Sam hardcoded the password into the script. However, the password is long and complex, and Sam is often forgetful. So he wrote a script that would email his password to him automatically in case he forgot.

E-mail? Seriously? If you cannot remember the password, please use an easy to remember password.

What You Need?

  1. Basic HTML Knowledge.
  2. A Browser.
  3. Notepad or Notepad++.
  4. Your E-mail address.

Let’s Start Hacking!

The send e-mail button is there for a reason. Let’s read the source.

<form action="/missions/basic/4/level4.php" method="post">
<input type="hidden" name="to" value="webmaster@hulla-balloo.com" />
<input type="submit" value="Send password to Sam" /></form></center><br /><br /><center><b>Password:</b><br />
<form action="/missions/basic/4/index.php" method="post">
<input type="password" name="password" /><br /><br />
<input type="submit" value="submit" /></form>

Interesting. Now we know that the e-mail will be sent to “webmaster@hulla-balloo.com” whenever he forget the password. What are we going to do now? Hack his e-mail? Believe me, this would be the last thing you would want to do.

Now, what we can do is to save the webpage. How? Click File and Save Page As… Then you open the file with Notepad or Notepad++. Edit some fields and save it. Then open with your browser again.

Tips: You need to change two fields and not one.

Spoiler

I don’t recommend you to read further from here if you want to test out your skills/knowledge. However, if you wish to cheat yourself or you are really unable to solve this puzzle although I gave you the tips, go ahead.

To view the spoiler, highlight below (left click your mouse and drag around the below area):


Save the webpage as something.html. Then open it with notepad or notepad++. Change the e-mail to your own e-mail. This is to make the website to send the e-mail to your e-mail account instead of the webmasters e-mail account.

Change /missions/basic/4/level4.php to http://www.hackthissite.org/missions/basic/4/level4.php This is because, if you did not change it, it will go to <the place you save the webpage>/missions/basic/4/level4.php instead of the website’s level4.php file.


Good luck!

I hope you learn about saving a webpage and HTML editing today. Feel free to leave some comments.

Share and Enjoy:
  • Digg
  • del.icio.us
  • Facebook
  • Google Bookmarks
  • Live
  • RSS
  • StumbleUpon
  • Technorati
  • Twitter
  • Yahoo! Buzz

Leave a Reply

emoticons

Where’s Xunlei?
Xunlei Post still exists. It's here.